JPH1022994A - Ciphering device, deciphering device, ciphering method, deciphering method and communication system using the same - Google Patents

Abstract

PROBLEM TO BE SOLVED: To make decoding difficult and to securely synchronize passwords by generating a password key based on information which is set at every connection of a communication line between a base station and a moving station. SOLUTION: Ciphering is executed by using the key generated in a key generation part 200. The key generation part generates the password key based on information or the like which are set every time when the communication line is connected between the base station and the moving station. The password keys taking dynamic values different in every communication connection or every arbitrary time are made by generating the key from information. Random numbers outputted from a random number generation circuit part 202 are fed back and used as initial values for generating the next random numbers. The generated random numbers and data to be transmitted are operated in an exclusive OR operation part 203 and a password sentence of generated.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encryption device and a decryption device for data requiring confidentiality, and an encryption method and a decryption method, and various types of communication for transmitting and receiving information via a communication line or the like. The present invention relates to an encrypting device and a decrypting device which are used in a system, in particular, in which decryption of a cipher is difficult, and in which it is easy to synchronize ciphers between a receiving side and a transmitting side, and an encryption method and a decryption method.

[0002]

2. Description of the Related Art A conventional encryption device and a conventional decryption device will be described with reference to FIGS.

FIG. 1 is a configuration diagram of an entire portable telephone system using an encryption device and a decryption device.

[0004] As shown in FIG.
A plurality of mobile terminals 100 to 102 and a plurality of base stations 10
3 to 105, the switching control station 106, and the switching control station 1
06 and a telephone connected via a fixed telephone network. The encryption device and the decryption device 109 are mounted on each of the mobile terminals 100 to 102 and each of the base stations 103 to 105, and perform encryption and decryption of voice-encoded data and various data such as a facsimile and a personal computer. It performs a conversion process.

FIG. 12A is a diagram showing a configuration of an encryption device used in a conventional communication system and a flow of data.

FIG. 12B is a diagram showing a configuration of a decoding device used in a conventional communication system and a flow of data.

In general, a communication system uses a common key cryptosystem in which the same encryption key (key) is used for encryption and decryption (for a common key signal, see Ikeno and Koyama, Modern Cryptography Theory, IEICE).
Although the same key (common key) is not shown,
When a call is set up, the call is sent from the sender to the receiver, and the sender and the receiver respectively possess. On the transmission side, data encrypted using a common key (hereinafter referred to as ciphertext) is sent to the receiver, and the receiver performs decryption using the previously received common key. In this way, data is transmitted and received so that a third party other than the specific transmitter / receiver cannot decrypt the data.

Next, the operation of the encryption device and the decryption device will be described.

In FIG. 12, it is assumed that the common key, data, and cipher text are processed in units of 64 bits, each of which is 64 bits.

In a conventional encryption device, first, a fixed common key is input to a random number generation circuit for encryption. In FIG. 12, PN is added to the random number generation circuit for encryption.
(PseudoNoise) A pattern generation circuit 1200 is used. The PN pattern generation circuit 1200 generates a random number according to a predetermined calculation algorithm based on the input common key. The exclusive OR operation unit 1205 creates a ciphertext by taking the exclusive OR of the random number and the data to be encrypted.

On the other hand, the decryption device receives the cipher text sent from the transmission side, generates a random number by performing the same processing as the encryption device, and takes an exclusive OR with the cipher text, Decrypt the data.

Conventionally, an encryption algorithm generally used in a communication system is a simple one using the PN pattern generation circuit described above.

The common key input to the random number generation circuit such as the PN pattern generation circuit is always reset to a fixed value by both the encryption device and the decryption device for each frame of data to be encrypted. Here, one frame is a unit in which data of several hundred bits is put together. With this reset, the encryption side and the decryption side are synchronized with each other. Cryptographic synchronization means that random numbers used for encryption and decryption are matched, and that the same random number used for encryption is used for decryption. Data can be reliably decoded into original data.

[0014]

As described above, in the conventional encryption method, the key used for encryption has a fixed value. Therefore, when the key is passed to a third party, there is a problem that the third party can easily decrypt all subsequent ciphertexts using the key.

In order to synchronize the encryption between the encryption side and the decryption side, the initial value input to the random number generation circuit is reset to a fixed value for each frame. Becomes If the cycle is short as described above, there is a problem that sufficient randomness cannot be obtained, and sufficient encryption strength (hardness of decryption) is not obtained. In other words, since the same random number is used repeatedly each time it is reset in one frame, the random number has periodicity and is relatively easy to decrypt, and once decrypted, it can be decrypted with the same random number. I will.

SUMMARY OF THE INVENTION The present invention has been made to solve the above problems, and an object of the present invention is to provide an encryption device and a decryption device that are more difficult to decrypt and that can ensure cryptographic synchronization, and an encryption method and a decryption device. Another object of the present invention is to provide an optimization method.

[0017]

According to a first aspect of the present invention, an encryption apparatus and a decryption apparatus according to the present invention are provided with a base station and a base station communicating with the base station via a communication line. An encryption device used for encrypting transmission data requiring confidentiality according to a communication system having a mobile station that performs encryption, the encryption device includes an encryption key generation unit that generates an encryption key, and stores an initial input value. A random number generation circuit that inputs a cryptographic key generated by the cryptographic key generation unit and an initial input value stored in the register, performs predetermined arithmetic processing to generate and output a random number, An arithmetic unit that performs encryption or decryption on the data using the random number, wherein the encryption key generation unit is configured to perform encryption or decryption based on information set for each connection of a communication line between the base station and the mobile station. To generate an encryption key It is obtained by the.

Next, in the encryption device and the decryption device having the second configuration, in the encryption device and the decryption device having the first configuration, the key generation section may include information set for each connection of the communication line. The base station identification information of the base station, the mobile station identification information of the mobile station, the communication connection information between the base station and the mobile station, the mobile station identification information of the mobile station, the time information related to the communication connection, and the location information of the mobile station. And an encryption key is generated based on a predetermined calculation rule.

In the encryption device and the decryption device having the third configuration, in the encryption device and the decryption device having the first configuration, the random number generation circuit is generated by performing a predetermined arithmetic process. A circuit for sequentially generating random numbers from a random number sequence, generating a certain random number, and using the generated random number as an input value, the random number generation circuit generates the next random number, and uses the random number to calculate Is to encrypt or decrypt transmission data or encrypted data.

The encryption device and the decryption device according to the fourth configuration are different from the encryption device and the decryption device according to the first configuration in that an initial input value input to the random number generation circuit is predetermined. The apparatus further includes an initial value arithmetic processing unit that performs arithmetic processing, stores the initial value subjected to the arithmetic processing in a register, uses the initial value as a next initial input value, generates a random number, and generates a random number. The arithmetic unit performs encryption or decryption on transmission data or encrypted data.

The encryption device and the decryption device having the fifth configuration are different from the encryption device and the decryption device having the first configuration in that communication by the communication system is performed using a frame as a transmission unit. The frame number of the frame is stored in a register, and the random number generation circuit generates a random number using the frame number stored in the register as an initial input value, and the arithmetic unit encrypts or encrypts the transmission data or the encrypted data using the random number. The decryption is performed.

According to another aspect of the present invention, an encryption method and a decryption method according to the present invention provide a method for encrypting data based on information set for each connection of a communication line between a base station and a mobile station. A key is generated, a predetermined arithmetic process is performed using the encryption key and the initial input value, a random number is generated, and the transmission data or the encrypted data is encrypted or decrypted using the random number. It was made.

More specifically, the encryption key is generated by setting information for each connection of the communication line as base station identification information of the base station, mobile station identification information of the mobile station, and communication connection between the base station and the mobile station. Information, mobile station identification information of the mobile station, time information related to the communication connection, using one or more of the mobile station location information, to generate an encryption key based on a predetermined calculation rule. It was done.

More specifically, the generation of random numbers is to generate random numbers sequentially from a random number sequence generated by performing a predetermined arithmetic process. A random number is generated, and the generated random number is generated. Is used as an input value to perform predetermined arithmetic processing to generate the next random number, and to encrypt or decrypt transmission data or encrypted data using the random number.

More specifically, a predetermined arithmetic processing is performed on the initial input value, a random number is generated again using the initial value subjected to the arithmetic processing as the next initial input value, and the transmission data is generated using the random number. Alternatively, the encrypted data is encrypted or decrypted.

More specifically, communication by the communication system is performed using a frame as a transmission unit, and a random number is generated using a frame number of the frame as an initial input value.
The transmission data or the encrypted data is encrypted or decrypted using the random numbers.

According to a first aspect of the present invention, there is provided a communication system having a base station and a mobile station communicating with the base station via a communication line. , The base station and the mobile station have the encryption device and the decryption device having the first configuration.

According to a second aspect of the invention relating to a communication system of the present invention, in a communication system having a base station and a mobile station communicating with the base station via a communication line, the base station and the mobile station are And an encryption device and a decryption device having the third configuration.

A third configuration of the invention according to the communication system of the present invention is a communication system having a base station and a mobile station communicating with the base station via a communication line. And an encryption device and a decryption device having the fourth configuration.

A fourth configuration of the invention according to the communication system of the present invention is a communication system having a base station and a mobile station communicating with the base station via a communication line, wherein the base station and the mobile station are And the encryption device and the decryption device having the fifth configuration.

More specifically, in the communication system of the second to fourth configurations, data transmission between the base station and the mobile station is performed via a transmission slot having a control information area and a transmission information area. The base station and the mobile station
Determining means for determining whether the control information area of the transmission slot to be transmitted is usable; means for writing cryptographic synchronization information for performing cryptographic synchronization in the control information area; Means for adding an encryption synchronization information identifier indicating whether or not transmission is being performed to the control information area, and determining whether or not the transmission slot is transmitting encryption synchronization information from the encryption synchronization information identifier in the control information area of the received transmission slot. And means for receiving cryptographic synchronization information from the control information area of the transmission slot.

[0032]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, embodiments of the present invention will be described with reference to FIGS.

In each embodiment, an encryption key, an initial value,
The description will be made on the assumption that the random number and the cipher text each have a data length of 64 bits, and that the data is also subjected to encryption and decryption processing in 64-bit units. However, the present invention
The data length is 64 bits, the encryption key, the initial value,
There is no particular limitation on the case where the values of the random number and the cipher text have the same data length.

[Embodiment 1] Hereinafter, a first embodiment of the present invention will be described with reference to FIGS.

FIG. 2A is a diagram showing the configuration of the encryption device and the flow of data in the first embodiment of the present invention.

FIG. 2B is a diagram showing the configuration of the decoding device and the flow of data in the first embodiment of the present invention.

FIG. 3 is a diagram showing various types of information used for generating a key of the encryption device of the present invention and a configuration of a key generation unit.

FIG. 4A is a flowchart of the encryption method according to the first embodiment of the present invention.

FIG. 4B is a flowchart of a decoding method according to the first embodiment of the present invention.

The encryption device and the decryption device according to the present invention
As shown in FIG. 2, encryption is performed using the key generated by the key generation unit 200. The key generation unit 200 generates an encryption key based on information set each time a communication line is connected between a base station and a mobile station. These pieces of information serving as a key take different values each time a communication line is connected. In addition, time information such as a connection start time, and position information of a mobile station managed by a base station are constantly updated during communication connection. Therefore, by generating a key from these pieces of information, it is possible to use an encryption key having a different dynamic value for each communication connection or for a specific or arbitrary time.

According to the present invention, at the start of encryption, an initial value predetermined on the encryption side and the decryption side is stored in the register 201, and the stored initial value and the encryption key are stored in the random number generation circuit section 202. input. Then, a random number is generated according to some encryption algorithm. As this encryption algorithm, for example, an algorithm registered in ISO can be used. This is described in detail in "Nikkei Electronics No. 658,""Cryptography in the Internet Age."

Then, an exclusive OR operation unit 203 performs an operation on the generated random number and the data to be transmitted to create a ciphertext.

In the present invention, the random number generation circuit 202
Are fed back and used as initial values for the next random number generation. This eliminates the need to reset the initial value to a fixed value in a short period,
The random number generated by the random number generator can have sufficient randomness.

On the decrypting side, exclusive OR operation is performed on the transmitted cipher text using a random number generated in the same procedure as on the encrypting side, and data is restored.

Information used for key generation and initial values to be first input to the random number generation circuit at the start of encryption are determined in advance on the encryption side and the decryption side. Alternatively, as to what kind of information is used for key generation, a method of writing the information in the control information area of the transmission data and sending it may be considered. This will be described in detail later.

Next, the operation of the key generation unit will be described with reference to FIG.

The key generation unit combines any of the information shared by the base station and the mobile station or the information set for each communication connection as shown in FIG. The operation is performed by the function to generate an encryption key. The information used to generate the encryption key includes
For example, there are base station identification information, mobile station identification information, communication connection information, mobile station identification information, time information, and location information.

Here, the base station identification information is information individually assigned to identify each base station. The mobile station identification information is information individually assigned to identify each mobile station. The communication connection information is information for identifying connection on the same communication line. The mobile station identification information is information used to authenticate the mobile station. The time information is communication connection start date / time information, last connection history date / time / time information, and the like. Location information is
This is information indicating the location where the mobile station is located. These pieces of information are mainly set at the time of communication connection, but may be changed by key operation based on a user's request during communication, or the base station and the mobile station may change at regular or random time intervals. They are mutually transmitted and shared.

Hereinafter, a specific key generation procedure will be described.

In a certain communication system, it is assumed that base station identification information is represented by 56 bits and communication connection information is represented by 16 bits. A case where an encryption key is generated from the base station identification information and the lower 8 bits of the communication connection information will be described as an example.

First, a communication line is connected between the base station and the mobile station, and the base station identification information is 3, which can be represented by 56 bits [00... 11] (... Similarly, the communication connection information is 15, which is 1
Assume that [00... 1111] is set in 6 bits. The 64-bit data created by combining these is [00... 1100001111].
Assuming that the operation unit 300 in FIG. 3 outputs the input value as it is, this value becomes the encryption key.

Next, the calculation performed by the calculation unit of the key generation unit will be described with reference to FIG.

FIG. 4 is a diagram showing an embodiment of the operation unit of the key generation unit.

To make decryption of the encryption key more difficult,
A pseudo-random number generation circuit using a linear feedback shift register as shown in FIG. 4 may be used for the arithmetic processing. The pseudorandom number generation circuit using the feedback shift register is described in detail in Okamoto's "Introduction to Cryptography", Kyoritsu Shuppan.

In FIG. 4, Si-1 to Si-n are registers. Here, since the data length of the encryption key is considered to be 64 bits, n = 64.

The operation method is as follows.
64-bit data [00 ... 1100000] created by combining base station identification information and communication connection information with Si-n.
1111] is input as an initial value. Then, a value is read from each register (C1 to Cn), and a value Si obtained by sequentially adding the values is output one bit at a time, and is used as one encryption key in 64-bit units.

The encryption and decryption procedures using the above-described encryption key will be described with reference to the flowchart of FIG.

First, in the encryption method shown in FIG. 5A, an encryption key is generated based on information determined each time a communication line is connected, time information, portable terminal, base station position information, and the like. (S500). Next, at the start of encryption, an initial value for random number generation is input to the random number generation function (S501).
Subsequently, a random number is generated by performing an operation based on the encryption algorithm using the input initial value and the encryption key generated in S500 (S502). Next, it is determined whether data to be encrypted has been input (S503),
If the data has been input, an exclusive OR operation of the data and the random number generated in S502 is performed to generate a ciphertext (S504). If data has not been input, the determination processing of S503 is repeated until data is input. S50
After outputting the ciphertext generated in step S4, the random number generated in step S502 is input to the random number generation function as an initial value for generating a random number used for encrypting the next data (S50).
505).

The processing of S502 to S505 is repeated until all data to be encrypted is encrypted.

Next, the decryption method by the decryption device of the present invention is performed in the same procedure as the encryption method as shown in FIG. First, a key for decryption is generated from information determined for each communication connection, time information, position information of a mobile terminal, a base station, and the like in the same manner as on the encryption side (S510). A predetermined initial value is input to the random number generation circuit unit (S511). Then, a random number is generated from the initial value and the encryption key generated in S510 according to some encryption algorithm (S51).
2). Next, it is determined whether a ciphertext to be decrypted has been input (S513). If the ciphertext has been input, the data is restored by performing an exclusive OR operation of the ciphertext and the random number (S514). If the ciphertext has not been input, the process of S513 is repeated until the ciphertext is input.
After outputting the data decoded in S514, the random number generated in S512 is input to the random number generation function in S512 as an initial value for generating a random number used for decoding the next data (S515). The processing of S512 to S515 is repeatedly performed until all the ciphertexts to be decrypted are decrypted.

Second Embodiment Next, a second embodiment according to the present invention will be described with reference to FIGS.

FIG. 6A is a configuration diagram of an encryption device according to the second embodiment of the present invention.

FIG. 6B is a configuration diagram of a decoding device according to the second embodiment of the present invention.

FIG. 7A is a flowchart of an encryption method according to the second embodiment of the present invention.

FIG. 7B is a flowchart of a decoding method according to the second embodiment of the present invention.

In the encryption device according to the second embodiment of the present invention, the setting of the initial value input to the random number generation circuit is different from that of the first embodiment. In the second embodiment, as in the first embodiment, at the start of encryption, a value predetermined on the encryption side and the decryption side is used at the start of encryption. However, it has a processing unit 604 that performs an operation such as increment or decrement on the initial value, and thereafter uses the processed value as an initial value for random number generation. For example, if the initial value at the start of encryption is 1, this can be expressed as [00... 01] in 64 bits.
When the next initial value is represented by 2, 64 bits by incrementing by [00 ... 10], the next initial value is 3, 6
The initial value is updated as [00... 11] in 4-bit representation.

Alternatively, an initial value for generating a random number may be set based on the frame number of data to be encrypted. A frame is a unit in which several hundred bits of transmission data are put together. By setting the initial value based on the frame number, the initial value is periodically updated each time data for one frame is encrypted. The frame number is represented by, for example, 15 bits depending on the system. In each embodiment of the present invention, since the initial value is 64 bits, a 64-bit initial value is obtained by setting the 15-bit frame number to the lower 15 bits and setting the remaining 49 bits to 0. For example, if the frame number of data is 11 at the start of encryption, the remaining 4
9 bits are set to 0, and the initial value is [00 ... 0101]
1]. When one frame of data is encrypted, the frame number is 12, the next initial value is [00... 01100] in a 64-bit expression, and the next initial value is 13, which is [00] in a 64-bit expression. …… 01101]
... is updated periodically.

By regularly updating the initial value in this manner, a random number of a different sequence can always be generated by the random number generation circuit, and the encryption strength is improved. The processing contents of the other blocks are the same as in the first embodiment.

In the decryption device, similarly to the encryption side,
At the start of encryption, an initial value predetermined on the encryption side and the decryption side is used. And increment to its initial value,
Alternatively, a processing unit 614 for performing an operation such as decrement is provided, and the value after the processing is used as an initial value for random number generation. Alternatively, an initial value for random number generation is set based on the frame number of data to be encrypted. The processing contents of the other blocks are the same as in the first embodiment.

In the second embodiment, information used for generating an encryption key, an initial value input to a random number generation circuit at the start of encryption, arithmetic processing contents such as increment or decrement applied to the initial value, or a frame number Whether to set an initial value from is determined in advance between the encryption side and the decryption side. The information that needs to be negotiated between the encryption side and the decryption side may be sent by writing it in the control information area of the data to be transmitted.

Hereinafter, the encryption method and the decryption method of the present embodiment will be described in comparison with the first embodiment with reference to FIG.

First, the encryption method includes steps 700 to 7
Steps up to step 04 are the steps 50 in the encryption method of the first embodiment.
Same as 0 to 504. In the second embodiment, S
After generating and outputting the ciphertext in 704, the previous initial value input to the random number generation circuit is subjected to arithmetic processing such as increment or decrement, and is input to the random number generation function as an initial value for the next random number generation. (S70
5). Alternatively, a value based on the frame number is set as an initial value and input to the random number generation function.

The decoding method is the same as S510 to 514 of the decoding method of the first embodiment up to S710 to S714. In the second embodiment, after outputting the restored data in S714, the previous initial value input to the random number generation circuit is subjected to arithmetic processing such as increment or decrement, and a random number is generated as an initial value for the next random number generation. Input to the generation function (S715). Alternatively, a value based on the frame number is set as an initial value and input to the random number generation function.

[Cryptographic Synchronization] Next, cryptographic synchronization between the encryption device and the decryption device will be described.

Cryptographic synchronization means that random numbers used for encryption and decryption are made to match, and the same random number used for encryption is used for decryption.
Encrypted transmitted data can be reliably decrypted into the original data.

According to the encryption device and the decryption device, and the encryption method and the decryption method of the present invention described in the first and second embodiments, the initial value input to the random number generation circuit is one frame. Since the same value is not reset and input every time, and the same random number is not generated, the period of the cryptographic random number can be made as long as necessary. If the period of the random number used for encryption is lengthened in this way, it becomes difficult for a third party to decrypt the code, and the encryption strength can be increased.

However, on the other hand, when the channel is switched during communication with the mobile phone, or when the mobile station is hidden by a shadow and the call cannot be temporarily made, the encryption between the encryption side and the decryption side is performed. Encryption keys and random numbers may not match, and in rare cases, encryption synchronization between the encryption device and the decryption device may not be achieved.

In other words, if the channel is switched during communication or the mobile station is hidden behind the scenes and the call cannot be temporarily made, the receiving side cannot receive the cipher text sent from the transmitting side for a while. Thereafter, when the call is recovered, the receiving side receives the cipher text again, and the cipher text is encrypted using the encryption key and the random number after the call recovery. On the other hand, on the receiving side, since the encryption key and the random number used for decryption are those before the call recovery, the transmitted data cannot be restored. In the conventional encryption, by resetting the initial value every frame, the strength of the encryption is weakened, but even in such a case, the encryption key and the random number are used between the encryption side and the decryption side during one frame. Was again the same to ensure cryptographic synchronization.

In the present invention, in addition to the encryption device and the decryption device and the encryption method and the decryption method described in the first and second embodiments, the synchronization between the encryption side and the decryption side is prevented. In order to do so, the following cryptographic synchronization method and communication slot format are provided. That is, cryptographic synchronization information for performing cryptographic synchronization is written in the communication slot and transmitted together with the encrypted data.

FIG. 8 shows an example of a transmission slot according to the present invention in which cryptographic synchronization information is written.

Generally, in a communication slot used for encrypted communication, the control information area is hardly used during communication connection. In the present invention, when the control information area of this communication slot is not used, a value required to generate a random number for encryption, such as an initial value input to a random number generation circuit, is encrypted using the control information area. By transmitting the message together with the sentence, it is possible to prevent the loss of synchronization. For example, in the second embodiment, a frame number used as an initial input value is written in this area and transmitted.

In a system in which the control information area of a communication slot is 16 bits, one bit is used as an identifier indicating that encryption synchronization information is transmitted. This identifier is set to 1 when the cryptographic synchronization information is transmitted, and is set to 0 when not transmitted. Then, the remaining 15 bits transmit the 15-bit frame number described in the second embodiment. For example, when transmitting the frame number 12 as the cryptographic synchronization information, the control information area sets 1 with the first bit as an identifier and sets [100... 0110].
0] (16 bits). On the decryption side, the same random number as on the encryption side is generated based on the frame number written in the control information area of the transmitted transmission slot, and the encrypted data can be reliably decrypted.

The procedure for transmitting the encryption synchronization information will be described with reference to FIG.

FIG. 9 is a flowchart showing the procedure for transmitting the cryptographic synchronization information.

First, it is determined whether the control information area is usable (S900). If it is in a usable state, an identifier indicating that encryption synchronization information is being transmitted is added (S901). If it cannot be used, the encryption information is not transmitted (S904). After attaching the identifier in S901, the encryption identification information is input to the control information area (S9).
02). Then, the communication slot in which the encryption synchronization information is input to the control information area is transmitted (S903).

Next, the procedure for receiving the encryption synchronization information will be described with reference to FIG.

FIG. 10 is a flowchart showing a procedure for receiving the cryptographic synchronization information.

First, it is determined from the identifier of the control information area whether or not the received transmission slot transmits the encryption synchronization information using the control information area (S1000). If the encryption synchronization information has not been transmitted, no encryption synchronization information is received from the control information area (S1002). If the encryption synchronization information is being transmitted, the encryption synchronization information is received from the control information area (S1001).

With the above processing, it is possible to transmit and receive the cryptographic synchronization information when the control information area is available, and to achieve cryptographic synchronization between encryption and decryption.

Next, the assignment of the cryptographic synchronization information to the information channel will be described with reference to FIG.

FIG. 11 is a diagram showing an example of assigning cryptographic synchronization information to an information channel.

When the transmission bit rate of normal audio information is 1
The case of 1.2 Kbit / sec will be described as an example. FIG.
As shown in FIG. 1, the bit rate of audio information is set to 11.2 Kb.
When it is changed from it / sec to 8Kbit / sec, the remaining 3.2Kbit / sec
Can be used to transmit cryptographic synchronization information. Furthermore, if the bit rate of the audio information is set to 5.6 Kbit / sec, the encryption synchronization information can be transmitted using 5.6 Kbit / sec which is the remaining half band. Furthermore, if the bit rate of the audio information is set to 4 Kbit / sec, the remaining 7.2 Kb
It is possible to send cryptographic synchronization information using it / sec.

Although the above-described cryptographic synchronization method has been described assuming the case of a mobile telephone, the same applies to the case where a modem or the like is connected to perform data communication. , The encryption control information may be sent using the bits generated by reducing the ratio. By the above processing, a random number or a frame number can be transmitted for each frame, and encryption can be synchronized between encryption and decryption. As described above, by obtaining the cryptographic synchronization, more stable encrypted communication becomes possible.

[0094]

According to the present invention, it is possible to provide an encryption device and a decryption device, and an encryption method and a decryption method, which are more difficult to decipher and secure the cryptographic synchronization.

Further, it is possible to provide an encryption device and a decryption device, and an encryption method and a decryption method, which are capable of ensuring stable communication by synchronizing encryption between the encryption side and the decryption side.

[Brief description of the drawings]

FIG. 1 is a configuration diagram of an entire mobile phone system using an encryption device and a decryption device.

FIG. 2A is a diagram illustrating a configuration of an encryption device and a data flow according to the first embodiment of the present invention. (B) It is a figure showing the composition of the decoding device and the data flow in the first embodiment of the present invention.

FIG. 3 is a diagram showing various information used for generating a key of the encryption device of the present invention and a configuration of a key generation unit.

FIG. 4 is a diagram illustrating an embodiment of a calculation unit of the key generation unit.

FIG. 5A is a flowchart of an encryption method according to the first embodiment of the present invention. (B) It is a flowchart of the decoding method in the first embodiment of the present invention.

FIG. 6A is a diagram showing a configuration of an encryption device and a flow of data in a second embodiment of the present invention. (B) It is a figure showing composition of a decoding device and a data flow in a second embodiment of the present invention.

FIG. 7A is a flowchart of an encryption method according to the second embodiment of the present invention. (B) It is a flowchart of the decoding method in the second embodiment of the present invention.

FIG. 8 is an example of a transmission slot according to the present invention in which cryptographic synchronization information is written.

FIG. 9 is a flowchart showing a procedure for transmitting encryption synchronization information.

FIG. 10 is a flowchart showing a procedure for receiving encryption synchronization information.

FIG. 11 is a diagram illustrating an example of assigning cryptographic synchronization information to an information channel.

FIG. 12A is a diagram showing a configuration of an encryption device used in a conventional communication system and a flow of data. (B) is a diagram showing a configuration of a decoding device used in a conventional communication system and a data flow.

[Explanation of symbols]

100, 101, 102 ... mobile terminal, 103, 10
4, 105: base station, 106: exchange control station, 107: fixed telephone network, 108: telephone, 109: encryption / decryption device, 200, 210: key generation unit, 201, 211: register, 202, 212 ... Random number generation circuit section, 203, 21
3 Exclusive OR operation unit, 300 Operation unit, 604, 6
14: Initial value operation processing unit, 1200, 1210: PN pattern generation circuit, 1201, 1211: Exclusive OR operation unit.

Claims (25)

[Claims] The present invention relates to a communication system having a base station and a mobile station communicating with the base station via a communication line. An encryption apparatus used for encrypting transmission data requiring confidentiality. The apparatus includes an encryption key generation unit that generates an encryption key, a register that stores an initial input value, and an encryption key generated by the encryption key generation unit and an initial input value that is stored in the register. A random number generation circuit that generates and outputs a random number by performing a calculation process, and a calculation unit that performs encryption on the transmission data using the random number.The encryption key generation unit includes the base station and the base station. An encryption device for generating an encryption key based on information set for each connection of a communication line with a mobile station. 2. The encryption device according to claim 1, wherein the encryption key generation unit includes base station identification information of the base station and mobile station identification of the mobile station as information set for each connection of a communication line. Information, communication connection information between the base station and the mobile station, mobile station identification information of the mobile station, time information relating to communication connection, one or more of the mobile station position information, and is predetermined. An encryption key is generated based on the operation rule. 3. The encryption device according to claim 1, wherein the random number generation circuit is a circuit that sequentially generates a random number from a random number sequence generated by performing a predetermined arithmetic processing, The random number generation circuit generates the next random number using the generated random number as an input value, and the arithmetic unit performs encryption on the transmission data using the random number. Device. 4. The encryption device according to claim 1, further comprising an initial value operation processing unit that performs a predetermined operation process on an initial input value input to the random number generation circuit, and performs the operation process. The random number generation circuit generates a random number again using the initial value subjected to the arithmetic processing stored in the register as the next initial input value, and generates the random number. Is an encryption device for encrypting the transmission data. 5. The encryption device according to claim 1, wherein the communication by the communication system is performed using a frame as a transmission unit, the frame number of the frame is stored in the register, and the frame number stored in the register is stored in the register. An encryption device, wherein the random number generation circuit generates a random number as an initial input value, and the arithmetic unit performs encryption on the transmission data using the random number. 6. A decoding apparatus used for decoding encrypted and transmitted data in a communication system having a base station and a mobile station communicating with the base station via a communication line. An encryption key generation unit that generates an encryption key, a register that stores an initial input value, and an encryption key that is generated by the encryption key generation unit and an initial input value that is stored in the register. A random number generation circuit that generates and outputs a random number by performing the calculated operation, and a calculation unit that decrypts the encrypted data using the random number. The encryption key generation unit includes the base station and the mobile station. A decryption device that generates an encryption key based on information set for each connection of a communication line between the decryption device and the communication device. 7. The decryption device according to claim 6, wherein the encryption key generation unit includes base station identification information of the base station and mobile station identification of the mobile station as information set for each connection of a communication line. Information, communication connection information between the base station and the mobile station, mobile station identification information of the mobile station, time information relating to communication connection, one or more of the mobile station position information, and is predetermined. A decryption device that generates an encryption key based on a calculation rule. 8. The decoding device according to claim 6, wherein the random number generation circuit is a circuit that sequentially generates a random number from a random number sequence generated by performing a predetermined arithmetic processing, The random number generation circuit generates the next random number by using the generated random number as an input value, and the arithmetic unit decrypts the encrypted data using the random number. . 9. The decoding device according to claim 6, further comprising: an initial value arithmetic processing unit that performs a predetermined arithmetic process on the initial input value input to the random number generation circuit, and performs the arithmetic process. The random number generation circuit generates a random number using the initial value subjected to the arithmetic processing again as the next initial input value, and the arithmetic unit uses the random number to generate the encrypted data. A decoding device for decoding the data. 10. The decoding device according to claim 6, wherein the communication by the communication system is performed using a frame as a transmission unit, the frame number of the frame is stored in the register, and the frame number stored in the register is stored in the register. A decryption device, wherein the random number generation circuit generates a random number as an initial input value, and the arithmetic unit decrypts the encrypted data using the random number. 11. An encryption method used for encrypting transmission data requiring confidentiality in a communication system having a base station and a mobile station communicating with the base station via a communication line, wherein the base station A cryptographic key is generated based on information set for each connection of a communication line between the mobile station and the mobile station, and a predetermined calculation process is performed using the cryptographic key and an initial input value to generate a random number. An encryption method for encrypting the transmission data using the random number. 12. The encryption method according to claim 11, wherein the generation of the encryption key includes base station identification information of the base station and mobile station identification of the mobile station as information set for each connection of a communication line. Information, communication connection information between the base station and the mobile station, mobile station identification information of the mobile station, time information relating to communication connection, or one or more of the mobile station position information, and is determined in advance. An encryption method for generating an encryption key based on a given operation rule. 13. The encryption method according to claim 11, wherein the generation of the random numbers sequentially generates a random number from a random number sequence generated by performing a predetermined arithmetic processing. Generating a next random number by performing a predetermined arithmetic process using the generated random number as an input value, and encrypting the transmission data using the random number. . 14. The encryption method according to claim 11, wherein a predetermined arithmetic processing is performed on the initial input value, and a random number is generated using the initial value subjected to the arithmetic processing again as the next initial input value. And encrypting the transmission data using the random numbers. 15. The encryption method according to claim 11, wherein the communication by the communication system is performed using a frame as a transmission unit, a random number is generated using a frame number of the frame as an initial input value, and the random number is used. An encryption method, wherein the transmission data is encrypted. 16. A decoding method used for decoding encrypted and transmitted data in a communication system having a base station and a mobile station communicating with the base station via a communication line, the decoding method comprising: A cryptographic key is generated based on information set for each connection of a communication line between a station and the mobile station, and a predetermined calculation process is performed using the cryptographic key and an initial input value to generate a random number. Decrypting the encrypted data using the random number. 17. The decryption method according to claim 16, wherein the generation of the encryption key includes base station identification information of the base station and mobile station identification of the mobile station as information set for each connection of a communication line. Information, communication connection information between the base station and the mobile station, mobile station identification information of the mobile station, time information relating to communication connection, one or more of the mobile station position information, and is predetermined. A decryption method comprising: generating an encryption key based on a calculated operation rule. 18. The decoding method according to claim 16, wherein the random number is generated by sequentially generating a random number from a random number sequence generated by performing a predetermined arithmetic processing. Generate a next random number by performing a predetermined arithmetic process using the generated random number as an input value,
A decryption method comprising decrypting the encrypted data using the random number. 19. The decoding method according to claim 16, wherein a predetermined arithmetic processing is performed on the initial input value, and a random number is generated using the initial value subjected to the arithmetic processing again as the next initial input value. Decrypting the encrypted data using the random number. 20. The decoding method according to claim 16, wherein the communication by the communication system is performed using a frame as a transmission unit, a random number is generated using a frame number of the frame as an initial input value, and the random number is used. A decryption method comprising decrypting the encrypted data. 21. A communication system having a base station and a mobile station that communicates with the base station via a communication line, wherein the base station and the mobile station are the encryption device according to claim 1. A communication system comprising the decoding device according to claim 6. 22. A communication system having a base station and a mobile station that communicates with the base station via a communication line, wherein the base station and the mobile station are the encryption device according to claim 3. A communication system comprising the decoding device according to claim 8. 23. A communication system having a base station and a mobile station communicating with the base station via a communication line, wherein the base station and the mobile station are: the encryption device according to claim 4; A communication system comprising the decoding device according to claim 9. 24. A communication system having a base station and a mobile station communicating with the base station via a communication line, wherein the base station and the mobile station are: A communication system comprising the decoding device according to claim 10. 25. The communication system according to claim 22, wherein data transmission between the base station and the mobile station is performed via a transmission slot having a control information area and a transmission information area. A station and the mobile station, a determining unit that determines whether a control information area of the transmission slot to be transmitted is in a usable state, and a unit that writes cryptographic synchronization information for performing cryptographic synchronization in the control information area; Means for adding an encryption synchronization information identifier indicating whether or not the transmission slot is transmitting encryption synchronization information to the control information area; and determining whether the transmission slot is encrypted based on the encryption synchronization information identifier in the control information area of the received transmission slot. Means for determining whether or not information is being transmitted; and means for receiving encryption synchronization information from a control information area of the transmission slot. Communication system, characterized by.